package com.zyf.springboot.config.shiro;

import org.apache.shiro.realm.Realm;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.HashMap;
import java.util.Map;

@Configuration
public class ShiroConfig {
    @Bean
    public ShiroFilterFactoryBean getShiroFilterFactoryBean(DefaultWebSecurityManager defaultWebSecurityManager) {

        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        //给filter设置安全管理器
        shiroFilterFactoryBean.setSecurityManager(defaultWebSecurityManager);

        //配置系统受限资源
        //配置系统公共资源
        Map<String, String> map = new HashMap<String, String>();
        //偷懒.jpg------->role角色认证
        map.put("/test1","roles[test]");
        //由于这是白嫖的另一张表的数据，只有超级用户可以进行修改删除添加。在此系统中不存在超级用户。
        map.put("/deleteUser","roles[SuperAdmin]");
        map.put("/updateUser","roles[SuperAdmin]");
        map.put("/addUser","roles[SuperAdmin]");
        map.put("/static/**", "anon");
        map.put("/**", "authc");//authc 请求这个资源需要认证和授权
        map.put("/loginTable", "anon");
        map.put("/login", "anon");//anon 不要求就直接访问
        map.put("/test", "anon");//默认认证界面路径---当认证不通过时跳转
        shiroFilterFactoryBean.setLoginUrl("/login");
        shiroFilterFactoryBean.setUnauthorizedUrl("/error1");
        shiroFilterFactoryBean.setFilterChainDefinitionMap(map);

        return shiroFilterFactoryBean;
    }

    //2.创建安全管理器
    @Bean
    public DefaultWebSecurityManager getDefaultWebSecurityManager(Realm realm) {
        DefaultWebSecurityManager defaultWebSecurityManager = new DefaultWebSecurityManager();
        //给安全管理器设置
        defaultWebSecurityManager.setRealm(realm);

        return defaultWebSecurityManager;
    }

    //3.创建自定义realm
    @Bean
    public Realm getRealm() {

        return new MyRealm();
    }

}
